From b4c1be6cb690ca75026c0a0469cbb736af83e379 Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Wed, 15 Mar 2023 22:53:29 +0100
Subject: [PATCH] Escape % chars in user input before passing to sprintf, fixes
 #11359

---
 src/Composer/DependencyResolver/Problem.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/Composer/DependencyResolver/Problem.php b/src/Composer/DependencyResolver/Problem.php
index 0ebe14c2a..8575430d4 100644
--- a/src/Composer/DependencyResolver/Problem.php
+++ b/src/Composer/DependencyResolver/Problem.php
@@ -126,6 +126,7 @@ class Problem
         foreach ($rules as $rule) {
             $message = $rule->getPrettyString($repositorySet, $request, $pool, $isVerbose, $installedMap, $learnedPool);
             if (in_array($rule->getReason(), $deduplicatableRuleTypes, true) && Preg::isMatch('{^(?P<package>\S+) (?P<version>\S+) (?P<type>requires|conflicts)}', $message, $m)) {
+                $message = str_replace('%', '%%', $message);
                 $template = Preg::replace('{^\S+ \S+ }', '%s%s ', $message);
                 $messages[] = $template;
                 $templates[$template][$m[1]][$parser->normalize($m[2])] = $m[2];